mirror of
https://github.com/containers/youki
synced 2024-05-11 18:16:12 +02:00
Compare commits
29 Commits
9a101a877a
...
e58ef3894b
Author | SHA1 | Date | |
---|---|---|---|
Darrell Tang | e58ef3894b | ||
Yashodhan | 601df9ecd3 | ||
dependabot[bot] | cd9bfd8d79 | ||
github-actions[bot] | 6422adc681 | ||
Yashodhan | f8ccba1eae | ||
github-actions[bot] | 6139965e61 | ||
dependabot[bot] | 4046ed54e1 | ||
dependabot[bot] | 1d109fe115 | ||
dependabot[bot] | d64d9b3bcd | ||
Toru Komatsu | 32e021e1e9 | ||
github-actions[bot] | aa9ef54caa | ||
Yashodhan | 79f08be664 | ||
dependabot[bot] | 1a0cd33cdf | ||
Yashodhan | 342ad60927 | ||
Darrell Tang | b069ca6005 | ||
Darrell Tang | fc12184c0d | ||
Darrell Tang | 31997ca60d | ||
Darrell Tang | 707141abc6 | ||
Darrell Tang | cf4145b5ee | ||
Darrell Tang | d973c8c152 | ||
Darrell Tang | 800521d92e | ||
Darrell Tang | 763fa0e991 | ||
Darrell Tang | df9c555f56 | ||
Darrell Tang | 07ac9742df | ||
Darrell Tang | cfe4069aae | ||
Darrell Tang | 1a48f3b82c | ||
Darrell Tang | ea18e74055 | ||
Darrell Tang | e9a81a5d73 | ||
Darrell Tang | 18a85fb09e |
|
@ -185,7 +185,7 @@ dependencies = [
|
|||
"cfg-if",
|
||||
"libc",
|
||||
"miniz_oxide",
|
||||
"object",
|
||||
"object 0.32.2",
|
||||
"rustc-demangle",
|
||||
]
|
||||
|
||||
|
@ -219,7 +219,7 @@ dependencies = [
|
|||
"bitflags 2.5.0",
|
||||
"cexpr",
|
||||
"clang-sys",
|
||||
"itertools 0.12.1",
|
||||
"itertools",
|
||||
"lazy_static",
|
||||
"lazycell",
|
||||
"proc-macro2",
|
||||
|
@ -308,9 +308,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cap-fs-ext"
|
||||
version = "2.0.1"
|
||||
version = "3.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "88e341d15ac1029aadce600be764a1a1edafe40e03cde23285bc1d261b3a4866"
|
||||
checksum = "769f8cd02eb04d57f14e2e371ebb533f96817f9b2525d73a5c72b61ca7973747"
|
||||
dependencies = [
|
||||
"cap-primitives",
|
||||
"cap-std",
|
||||
|
@ -318,23 +318,11 @@ dependencies = [
|
|||
"windows-sys 0.52.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "cap-net-ext"
|
||||
version = "2.0.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "434168fe6533055f0f4204039abe3ff6d7db338ef46872a5fa39e9d5ad5ab7a9"
|
||||
dependencies = [
|
||||
"cap-primitives",
|
||||
"cap-std",
|
||||
"rustix",
|
||||
"smallvec",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "cap-primitives"
|
||||
version = "2.0.1"
|
||||
version = "3.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "fe16767ed8eee6d3f1f00d6a7576b81c226ab917eb54b96e5f77a5216ef67abb"
|
||||
checksum = "90a0b44fc796b1a84535a63753d50ba3972c4db55c7255c186f79140e63d56d0"
|
||||
dependencies = [
|
||||
"ambient-authority",
|
||||
"fs-set-times",
|
||||
|
@ -349,9 +337,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cap-rand"
|
||||
version = "2.0.1"
|
||||
version = "3.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "20e5695565f0cd7106bc3c7170323597540e772bb73e0be2cd2c662a0f8fa4ca"
|
||||
checksum = "4327f08daac33a99bb03c54ae18c8f32c3ba31c728a33ddf683c6c6a5043de68"
|
||||
dependencies = [
|
||||
"ambient-authority",
|
||||
"rand",
|
||||
|
@ -359,9 +347,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cap-std"
|
||||
version = "2.0.1"
|
||||
version = "3.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "593db20e4c51f62d3284bae7ee718849c3214f93a3b94ea1899ad85ba119d330"
|
||||
checksum = "266626ce180cf9709f317d0bf9754e3a5006359d87f4bf792f06c9c5f1b63c0f"
|
||||
dependencies = [
|
||||
"cap-primitives",
|
||||
"io-extras",
|
||||
|
@ -371,9 +359,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cap-time-ext"
|
||||
version = "2.0.1"
|
||||
version = "3.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "03261630f291f425430a36f38c847828265bc928f517cdd2004c56f4b02f002b"
|
||||
checksum = "e1353421ba83c19da60726e35db0a89abef984b3be183ff6f58c5b8084fcd0c5"
|
||||
dependencies = [
|
||||
"ambient-authority",
|
||||
"cap-primitives",
|
||||
|
@ -595,9 +583,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cpp_demangle"
|
||||
version = "0.3.5"
|
||||
version = "0.4.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "eeaa953eaad386a53111e47172c2fedba671e5684c8dd601a5f474f4f118710f"
|
||||
checksum = "7e8227005286ec39567949b33df9896bcadfa6051bccca2488129f108ca23119"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
]
|
||||
|
@ -622,11 +610,11 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-bforest"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "16d5521e2abca66bbb1ddeecbb6f6965c79160352ae1579b39f8c86183895c24"
|
||||
checksum = "79b27922a6879b5b5361d0a084cb0b1941bf109a98540addcb932da13b68bed4"
|
||||
dependencies = [
|
||||
"cranelift-entity 0.105.3",
|
||||
"cranelift-entity 0.107.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -652,17 +640,17 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-codegen"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ef40a4338a47506e832ac3e53f7f1375bc59351f049a8379ff736dd02565bd95"
|
||||
checksum = "304c455b28bf56372729acb356afbb55d622f2b0f2f7837aa5e57c138acaac4d"
|
||||
dependencies = [
|
||||
"bumpalo",
|
||||
"cranelift-bforest 0.105.3",
|
||||
"cranelift-codegen-meta 0.105.3",
|
||||
"cranelift-codegen-shared 0.105.3",
|
||||
"cranelift-bforest 0.107.0",
|
||||
"cranelift-codegen-meta 0.107.0",
|
||||
"cranelift-codegen-shared 0.107.0",
|
||||
"cranelift-control",
|
||||
"cranelift-entity 0.105.3",
|
||||
"cranelift-isle 0.105.3",
|
||||
"cranelift-entity 0.107.0",
|
||||
"cranelift-isle 0.107.0",
|
||||
"gimli 0.28.1",
|
||||
"hashbrown 0.14.3",
|
||||
"log",
|
||||
|
@ -682,11 +670,11 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-codegen-meta"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d24cd5d85985c070f73dfca07521d09086362d1590105ba44b0932bf33513b61"
|
||||
checksum = "1653c56b99591d07f67c5ca7f9f25888948af3f4b97186bff838d687d666f613"
|
||||
dependencies = [
|
||||
"cranelift-codegen-shared 0.105.3",
|
||||
"cranelift-codegen-shared 0.107.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -697,15 +685,15 @@ checksum = "278e52e29c53fcf32431ef08406c295699a70306d05a0715c5b1bf50e33a9ab7"
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-codegen-shared"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e0584c4363e3aa0a3c7cb98a778fbd5326a3709f117849a727da081d4051726c"
|
||||
checksum = "f5b6a9cf6b6eb820ee3f973a0db313c05dc12d370f37b4fe9630286e1672573f"
|
||||
|
||||
[[package]]
|
||||
name = "cranelift-control"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f25ecede098c6553fdba362a8e4c9ecb8d40138363bff47f9712db75be7f0571"
|
||||
checksum = "d9d06e6bf30075fb6bed9e034ec046475093392eea1aff90eb5c44c4a033d19a"
|
||||
dependencies = [
|
||||
"arbitrary",
|
||||
]
|
||||
|
@ -732,9 +720,9 @@ checksum = "9a59bcbca89c3f1b70b93ab3cbba5e5e0cbf3e63dadb23c7525cb142e21a9d4c"
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-entity"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "6ea081a42f25dc4c5b248b87efdd87dcd3842a1050a37524ec5391e6172058cb"
|
||||
checksum = "29be04f931b73cdb9694874a295027471817f26f26d2f0ebe5454153176b6e3a"
|
||||
dependencies = [
|
||||
"serde",
|
||||
"serde_derive",
|
||||
|
@ -754,11 +742,11 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-frontend"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9796e712f5af797e247784f7518e6b0a83a8907d73d51526982d86ecb3a58b68"
|
||||
checksum = "a07fd7393041d7faa2f37426f5dc7fc04003b70988810e8c063beefeff1cd8f9"
|
||||
dependencies = [
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-codegen 0.107.0",
|
||||
"log",
|
||||
"smallvec",
|
||||
"target-lexicon",
|
||||
|
@ -772,34 +760,34 @@ checksum = "393bc73c451830ff8dbb3a07f61843d6cb41a084f9996319917c0b291ed785bb"
|
|||
|
||||
[[package]]
|
||||
name = "cranelift-isle"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f4a66ccad5782f15c80e9dd5af0df4acfe6e3eee98e8f7354a2e5c8ec3104bdd"
|
||||
checksum = "f341d7938caa6dff8149dac05bb2b53fc680323826b83b4cf175ab9f5139a3c9"
|
||||
|
||||
[[package]]
|
||||
name = "cranelift-native"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "285e80df1d9b79ded9775b285df68b920a277b84f88a7228d2f5bc31fcdc58eb"
|
||||
checksum = "82af6066e6448d26eeabb7aa26a43f7ff79f8217b06bade4ee6ef230aecc8880"
|
||||
dependencies = [
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-codegen 0.107.0",
|
||||
"libc",
|
||||
"target-lexicon",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "cranelift-wasm"
|
||||
version = "0.105.3"
|
||||
version = "0.107.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "4135b0ab01fd16aa8f8821196e9e2fe15953552ccaef8ba5153be0ced04ef757"
|
||||
checksum = "2766fab7284a914a7f17f90ebe865c86453225fb8637ac31f123f5028fee69cd"
|
||||
dependencies = [
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-entity 0.105.3",
|
||||
"cranelift-frontend 0.105.3",
|
||||
"itertools 0.10.5",
|
||||
"cranelift-codegen 0.107.0",
|
||||
"cranelift-entity 0.107.0",
|
||||
"cranelift-frontend 0.107.0",
|
||||
"itertools",
|
||||
"log",
|
||||
"smallvec",
|
||||
"wasmparser 0.121.2",
|
||||
"wasmparser 0.202.0",
|
||||
"wasmtime-types",
|
||||
]
|
||||
|
||||
|
@ -1828,15 +1816,6 @@ dependencies = [
|
|||
"serde",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "itertools"
|
||||
version = "0.10.5"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473"
|
||||
dependencies = [
|
||||
"either",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "itertools"
|
||||
version = "0.12.1"
|
||||
|
@ -2372,6 +2351,15 @@ name = "object"
|
|||
version = "0.32.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a6a622008b6e321afc04970976f62ee297fdbaa6f95318ca343e3eebb9648441"
|
||||
dependencies = [
|
||||
"memchr",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "object"
|
||||
version = "0.33.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d8dd6c0cdf9429bce006e1362bfce61fa1bfd8c898a643ed8d2b471934701d3d"
|
||||
dependencies = [
|
||||
"crc32fast",
|
||||
"hashbrown 0.14.3",
|
||||
|
@ -3199,9 +3187,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "rustls"
|
||||
version = "0.21.10"
|
||||
version = "0.21.11"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba"
|
||||
checksum = "7fecbfb7b1444f477b345853b1fce097a2c6fb637b2bfb87e6bc5db0f043fae4"
|
||||
dependencies = [
|
||||
"log",
|
||||
"ring",
|
||||
|
@ -3258,6 +3246,15 @@ dependencies = [
|
|||
"winapi-util",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "scc"
|
||||
version = "2.1.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ec96560eea317a9cc4e0bb1f6a2c93c09a19b8c4fc5cb3fcc0ec1c094cd783e2"
|
||||
dependencies = [
|
||||
"sdd",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "schannel"
|
||||
version = "0.1.23"
|
||||
|
@ -3289,6 +3286,12 @@ dependencies = [
|
|||
"untrusted",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "sdd"
|
||||
version = "0.2.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b84345e4c9bd703274a082fb80caaa99b7612be48dfaa1dd9266577ec412309d"
|
||||
|
||||
[[package]]
|
||||
name = "seahash"
|
||||
version = "4.1.0"
|
||||
|
@ -3442,23 +3445,23 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "serial_test"
|
||||
version = "3.0.0"
|
||||
version = "3.1.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "953ad9342b3aaca7cb43c45c097dd008d4907070394bd0751a0aa8817e5a018d"
|
||||
checksum = "adb86f9315df5df6a70eae0cc22395a44e544a0d8897586820770a35ede74449"
|
||||
dependencies = [
|
||||
"dashmap",
|
||||
"futures",
|
||||
"lazy_static",
|
||||
"log",
|
||||
"once_cell",
|
||||
"parking_lot",
|
||||
"scc",
|
||||
"serial_test_derive",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "serial_test_derive"
|
||||
version = "3.0.0"
|
||||
version = "3.1.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b93fb4adc70021ac1b47f7d45e8cc4169baaa7ea58483bc5b721d19a26202212"
|
||||
checksum = "a9bb72430492e9549b0c4596725c0f82729bff861c45aa8099c0a8e67fc3b721"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -3741,9 +3744,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "system-interface"
|
||||
version = "0.26.1"
|
||||
version = "0.27.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0682e006dd35771e392a6623ac180999a9a854b1d4a6c12fb2e804941c2b1f58"
|
||||
checksum = "b858526d22750088a9b3cf2e3c2aacebd5377f13adeec02860c30d09113010a6"
|
||||
dependencies = [
|
||||
"bitflags 2.5.0",
|
||||
"cap-fs-ext",
|
||||
|
@ -3834,18 +3837,18 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "thiserror"
|
||||
version = "1.0.58"
|
||||
version = "1.0.59"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "03468839009160513471e86a034bb2c5c0e4baae3b43f79ffc55c4a5427b3297"
|
||||
checksum = "f0126ad08bff79f29fc3ae6a55cc72352056dfff61e3ff8bb7129476d44b23aa"
|
||||
dependencies = [
|
||||
"thiserror-impl",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "thiserror-impl"
|
||||
version = "1.0.58"
|
||||
version = "1.0.59"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "c61f3ba182994efc43764a46c018c347bc492c79f024e705f46567b418f6d4f7"
|
||||
checksum = "d1cd413b5d558b4c5bf3680e324a6fa5014e7b7c067a51e69dbdf47eb7148b66"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -4011,15 +4014,6 @@ dependencies = [
|
|||
"tracing",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "toml"
|
||||
version = "0.5.11"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234"
|
||||
dependencies = [
|
||||
"serde",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "toml"
|
||||
version = "0.7.8"
|
||||
|
@ -4480,9 +4474,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
|
|||
|
||||
[[package]]
|
||||
name = "wasi-common"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "95e022c29ad56af4cc0a8a8f0e0191abf9e0a0c4a68d25dfe088c39c9a8e3d2c"
|
||||
checksum = "63255d85e10627b07325d7cf4e5fe5a40fa4ff183569a0a67931be26d50ede07"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"bitflags 2.5.0",
|
||||
|
@ -4593,15 +4587,6 @@ version = "0.2.84"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d"
|
||||
|
||||
[[package]]
|
||||
name = "wasm-encoder"
|
||||
version = "0.41.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "972f97a5d8318f908dded23594188a90bcd09365986b1163e66d70170e5287ae"
|
||||
dependencies = [
|
||||
"leb128",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasm-encoder"
|
||||
version = "0.202.0"
|
||||
|
@ -4914,9 +4899,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmparser"
|
||||
version = "0.121.2"
|
||||
version = "0.202.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9dbe55c8f9d0dbd25d9447a5a889ff90c0cc3feaa7395310d3d826b2c703eaab"
|
||||
checksum = "d6998515d3cf3f8b980ef7c11b29a9b1017d4cf86b99ae93b546992df9931413"
|
||||
dependencies = [
|
||||
"bitflags 2.5.0",
|
||||
"indexmap 2.2.6",
|
||||
|
@ -4925,19 +4910,19 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmprinter"
|
||||
version = "0.2.80"
|
||||
version = "0.202.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "60e73986a6b7fdfedb7c5bf9e7eb71135486507c8fbc4c0c42cffcb6532988b7"
|
||||
checksum = "ab1cc9508685eef9502e787f4d4123745f5651a1e29aec047645d3cac1e2da7a"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"wasmparser 0.121.2",
|
||||
"wasmparser 0.202.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8106d7d22d63d1bcb940e22dcc7b03e46f0fc8bfbaf2fd7b6cb8f448f9449774"
|
||||
checksum = "5a5990663c28d81015ddbb02a068ac1bf396a4ea296eba7125b2dfc7c00cb52e"
|
||||
dependencies = [
|
||||
"addr2line",
|
||||
"anyhow",
|
||||
|
@ -4952,17 +4937,18 @@ dependencies = [
|
|||
"ittapi",
|
||||
"libc",
|
||||
"log",
|
||||
"object",
|
||||
"object 0.33.0",
|
||||
"once_cell",
|
||||
"paste",
|
||||
"rayon",
|
||||
"rustix",
|
||||
"semver 1.0.22",
|
||||
"serde",
|
||||
"serde_derive",
|
||||
"serde_json",
|
||||
"target-lexicon",
|
||||
"wasm-encoder 0.41.2",
|
||||
"wasmparser 0.121.2",
|
||||
"wasm-encoder",
|
||||
"wasmparser 0.202.0",
|
||||
"wasmtime-cache",
|
||||
"wasmtime-component-macro",
|
||||
"wasmtime-component-util",
|
||||
|
@ -4972,6 +4958,7 @@ dependencies = [
|
|||
"wasmtime-jit-debug",
|
||||
"wasmtime-jit-icache-coherence",
|
||||
"wasmtime-runtime",
|
||||
"wasmtime-slab",
|
||||
"wasmtime-winch",
|
||||
"wat",
|
||||
"windows-sys 0.52.0",
|
||||
|
@ -4979,18 +4966,18 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmtime-asm-macros"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3b0cf02cea951ace34ee3b0e64b7f446c3519d1c95ad75bc5330f405e275ee8f"
|
||||
checksum = "625ee94c72004f3ea0228989c9506596e469517d7d0ed66f7300d1067bdf1ca9"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-cache"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3249204a71d728d53fb3eea18afd0473f87e520445707a4d567ac4da0bb3eb5d"
|
||||
checksum = "98534bf28de232299e83eab33984a7a6c40c69534d6bd0ea216150b63d41a83a"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"base64",
|
||||
|
@ -5001,16 +4988,16 @@ dependencies = [
|
|||
"serde",
|
||||
"serde_derive",
|
||||
"sha2",
|
||||
"toml 0.5.11",
|
||||
"toml 0.8.12",
|
||||
"windows-sys 0.52.0",
|
||||
"zstd",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-component-macro"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "7d3786c0531565ec6c9852c0e46299f06cb6e4b58d36e30f3c234cfa69bde376"
|
||||
checksum = "64f84414a25ee3a624c8b77550f3fe7b5d8145bd3405ca58886ee6900abb6dc2"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"proc-macro2",
|
||||
|
@ -5023,72 +5010,55 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmtime-component-util"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "81eae2ec98027ee0b3950da83bc320120a23087ac4d39b3d59201cb5ebf52777"
|
||||
checksum = "78580bdb4e04c7da3bf98088559ca1d29382668536e4d5c7f2f966d79c390307"
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-cranelift"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "595abdb067acdc812ab0f21d8d46d5aa4022392aa7c3e0632c20bff9ec49ffb4"
|
||||
checksum = "b60df0ee08c6a536c765f69e9e8205273435b66d02dd401e938769a2622a6c1a"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"cfg-if",
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-codegen 0.107.0",
|
||||
"cranelift-control",
|
||||
"cranelift-entity 0.105.3",
|
||||
"cranelift-frontend 0.105.3",
|
||||
"cranelift-entity 0.107.0",
|
||||
"cranelift-frontend 0.107.0",
|
||||
"cranelift-native",
|
||||
"cranelift-wasm",
|
||||
"gimli 0.28.1",
|
||||
"log",
|
||||
"object",
|
||||
"object 0.33.0",
|
||||
"target-lexicon",
|
||||
"thiserror",
|
||||
"wasmparser 0.121.2",
|
||||
"wasmtime-cranelift-shared",
|
||||
"wasmparser 0.202.0",
|
||||
"wasmtime-environ",
|
||||
"wasmtime-versioned-export-macros",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-cranelift-shared"
|
||||
version = "18.0.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e8c24c1fdea167b992d82ebe76471fd1cbe7b0b406bc72f9250f86353000134e"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-control",
|
||||
"cranelift-native",
|
||||
"gimli 0.28.1",
|
||||
"object",
|
||||
"target-lexicon",
|
||||
"wasmtime-environ",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-environ"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3279d510005358141550d8a90a5fc989d7e81748e5759d582fe6bfdcbf074a04"
|
||||
checksum = "64ffc1613db69ee47c96738861534f9a405e422a5aa00224fbf5d410b03fb445"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"bincode",
|
||||
"cpp_demangle",
|
||||
"cranelift-entity 0.105.3",
|
||||
"cranelift-entity 0.107.0",
|
||||
"gimli 0.28.1",
|
||||
"indexmap 2.2.6",
|
||||
"log",
|
||||
"object",
|
||||
"object 0.33.0",
|
||||
"rustc-demangle",
|
||||
"serde",
|
||||
"serde_derive",
|
||||
"target-lexicon",
|
||||
"thiserror",
|
||||
"wasm-encoder 0.41.2",
|
||||
"wasmparser 0.121.2",
|
||||
"wasm-encoder",
|
||||
"wasmparser 0.202.0",
|
||||
"wasmprinter",
|
||||
"wasmtime-component-util",
|
||||
"wasmtime-types",
|
||||
|
@ -5096,9 +5066,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmtime-fiber"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9b1df665f2117741d1265f5663b0d93068b18120c2c4b18b9faed49d00d92c31"
|
||||
checksum = "f043514a23792761c5765f8ba61a4aa7d67f260c0c37494caabceb41d8ae81de"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"cc",
|
||||
|
@ -5111,11 +5081,11 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmtime-jit-debug"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "63f307739370736e5b0cd2b45910ff96bcda6d5d68b2c4384bcedb0af4f3b321"
|
||||
checksum = "9c0ca2ad8f5d2b37f507ef1c935687a690e84e9f325f5a2af9639440b43c1f0e"
|
||||
dependencies = [
|
||||
"object",
|
||||
"object 0.33.0",
|
||||
"once_cell",
|
||||
"rustix",
|
||||
"wasmtime-versioned-export-macros",
|
||||
|
@ -5123,9 +5093,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmtime-jit-icache-coherence"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "866634605089b4632b32226b54aa3670d72e1849f9fc425c7e50b3749c2e6df3"
|
||||
checksum = "7a9f93a3289057b26dc75eb84d6e60d7694f7d169c7c09597495de6e016a13ff"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
"libc",
|
||||
|
@ -5134,9 +5104,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasmtime-runtime"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e11185c88cadf595d228f5ae4ff9b4badbf9ca98dcb37b0310c36e31fa74867f"
|
||||
checksum = "c6332a2b0af4224c3ea57c857ad39acd2780ccc2b0c99ba1baa01864d90d7c94"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"cc",
|
||||
|
@ -5145,102 +5115,75 @@ dependencies = [
|
|||
"indexmap 2.2.6",
|
||||
"libc",
|
||||
"log",
|
||||
"mach",
|
||||
"mach2",
|
||||
"memfd",
|
||||
"memoffset 0.9.1",
|
||||
"paste",
|
||||
"psm",
|
||||
"rustix",
|
||||
"sptr",
|
||||
"wasm-encoder 0.41.2",
|
||||
"wasm-encoder",
|
||||
"wasmtime-asm-macros",
|
||||
"wasmtime-environ",
|
||||
"wasmtime-fiber",
|
||||
"wasmtime-jit-debug",
|
||||
"wasmtime-slab",
|
||||
"wasmtime-versioned-export-macros",
|
||||
"wasmtime-wmemcheck",
|
||||
"windows-sys 0.52.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-types"
|
||||
version = "18.0.3"
|
||||
name = "wasmtime-slab"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f32377cbd827bee06fcb2f6bf97b0477fdcc86888bbe6db7b9cab8e644082e0a"
|
||||
checksum = "8b3655075824a374c536a2b2cc9283bb765fcdf3d58b58587862c48571ad81ef"
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-types"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b98cf64a242b0b9257604181ca28b28a5fcaa4c9ea1d396f76d1d2d1c5b40eef"
|
||||
dependencies = [
|
||||
"cranelift-entity 0.105.3",
|
||||
"cranelift-entity 0.107.0",
|
||||
"serde",
|
||||
"serde_derive",
|
||||
"thiserror",
|
||||
"wasmparser 0.121.2",
|
||||
"wasmparser 0.202.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-versioned-export-macros"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "4ab8d7566d206c42f8cf1d4ac90c5e40d3582e8eabad9b3b67e9e73c61fc47a1"
|
||||
checksum = "8561d9e2920db2a175213d557d71c2ac7695831ab472bbfafb9060cd1034684f"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn 2.0.58",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-wasi"
|
||||
version = "18.0.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9ca912bda309188bd25ab7652c6654b34aacdf43047c716ee1cb685a28079078"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"async-trait",
|
||||
"bitflags 2.5.0",
|
||||
"bytes",
|
||||
"cap-fs-ext",
|
||||
"cap-net-ext",
|
||||
"cap-rand",
|
||||
"cap-std",
|
||||
"cap-time-ext",
|
||||
"fs-set-times",
|
||||
"futures",
|
||||
"io-extras",
|
||||
"io-lifetimes",
|
||||
"log",
|
||||
"once_cell",
|
||||
"rustix",
|
||||
"system-interface",
|
||||
"thiserror",
|
||||
"tokio",
|
||||
"tracing",
|
||||
"url",
|
||||
"wasi-common",
|
||||
"wasmtime",
|
||||
"wiggle",
|
||||
"windows-sys 0.52.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-winch"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ba5a97bfccc241d1769cef75eb16f472a893982704d5f3c9c71c431c1484344a"
|
||||
checksum = "a06b573d14ac846a0fb8c541d8fca6a64acf9a1d176176982472274ab1d2fa5d"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-codegen 0.107.0",
|
||||
"gimli 0.28.1",
|
||||
"object",
|
||||
"object 0.33.0",
|
||||
"target-lexicon",
|
||||
"wasmparser 0.121.2",
|
||||
"wasmtime-cranelift-shared",
|
||||
"wasmparser 0.202.0",
|
||||
"wasmtime-cranelift",
|
||||
"wasmtime-environ",
|
||||
"winch-codegen",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-wit-bindgen"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "faf2c76781a27e07802669f6f0e11eb4441546407eb65be60c3d862200988b92"
|
||||
checksum = "595bc7bb3b0ff4aa00fab718c323ea552c3034d77abc821a35112552f2ea487a"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"heck 0.4.1",
|
||||
|
@ -5248,12 +5191,6 @@ dependencies = [
|
|||
"wit-parser",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasmtime-wmemcheck"
|
||||
version = "18.0.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3847d969bd203b8cd239f89581e52432a0f00b8c5c9bc917be2fccd7542c4f2f"
|
||||
|
||||
[[package]]
|
||||
name = "wast"
|
||||
version = "35.0.2"
|
||||
|
@ -5273,7 +5210,7 @@ dependencies = [
|
|||
"leb128",
|
||||
"memchr",
|
||||
"unicode-width",
|
||||
"wasm-encoder 0.202.0",
|
||||
"wasm-encoder",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -5365,9 +5302,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wiggle"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "7a7ecd6e1ffba1278cfd24a001a13da11d86801e0ad9342f11a370ce0df50e14"
|
||||
checksum = "1b6552dda951239e219c329e5a768393664e8d120c5e0818487ac2633f173b1f"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"async-trait",
|
||||
|
@ -5380,9 +5317,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wiggle-generate"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "6c5490497a35d67040d4f2fd2491fbcad6dd225c5bd24681c2cd52a2f40a55ce"
|
||||
checksum = "da64cb31e0bfe8b1d2d13956ef9fd5c77545756a1a6ef0e6cfd44e8f1f207aed"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"heck 0.4.1",
|
||||
|
@ -5395,9 +5332,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wiggle-macro"
|
||||
version = "18.0.3"
|
||||
version = "20.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d83f31d1c1a0d87842f1a2bf40bd230e25ba790c450f0d0ddb84524fd6955958"
|
||||
checksum = "900b2416ef2ff2903ded6cf55d4a941fed601bf56a8c4874856d7a77c1891994"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -5438,17 +5375,18 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
|
|||
|
||||
[[package]]
|
||||
name = "winch-codegen"
|
||||
version = "0.16.3"
|
||||
version = "0.18.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "1e0bd4d6cac8d69525d475d0ce1e0801eb6f314d42e764a52bd497ed3cb9c371"
|
||||
checksum = "fb23450977f9d4a23c02439cf6899340b2d68887b19465c5682740d9cc37d52e"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"cranelift-codegen 0.105.3",
|
||||
"cranelift-codegen 0.107.0",
|
||||
"gimli 0.28.1",
|
||||
"regalloc2 0.9.3",
|
||||
"smallvec",
|
||||
"target-lexicon",
|
||||
"wasmparser 0.121.2",
|
||||
"wasmparser 0.202.0",
|
||||
"wasmtime-cranelift",
|
||||
"wasmtime-environ",
|
||||
]
|
||||
|
||||
|
@ -5682,9 +5620,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wit-parser"
|
||||
version = "0.13.2"
|
||||
version = "0.202.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "316b36a9f0005f5aa4b03c39bc3728d045df136f8c13a73b7db4510dec725e08"
|
||||
checksum = "744237b488352f4f27bca05a10acb79474415951c450e52ebd0da784c1df2bcc"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"id-arena",
|
||||
|
@ -5695,6 +5633,7 @@ dependencies = [
|
|||
"serde_derive",
|
||||
"serde_json",
|
||||
"unicode-xid",
|
||||
"wasmparser 0.202.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -5764,11 +5703,11 @@ dependencies = [
|
|||
"tracing-journald",
|
||||
"tracing-subscriber",
|
||||
"vergen",
|
||||
"wasi-common",
|
||||
"wasmedge-sdk",
|
||||
"wasmer",
|
||||
"wasmer-wasix",
|
||||
"wasmtime",
|
||||
"wasmtime-wasi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -5793,20 +5732,19 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "zstd"
|
||||
version = "0.11.2+zstd.1.5.2"
|
||||
version = "0.13.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "20cc960326ece64f010d2d2107537f26dc589a6573a316bd5b1dba685fa5fde4"
|
||||
checksum = "2d789b1514203a1120ad2429eae43a7bd32b90976a7bb8a05f7ec02fa88cc23a"
|
||||
dependencies = [
|
||||
"zstd-safe",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "zstd-safe"
|
||||
version = "5.0.2+zstd.1.5.2"
|
||||
version = "7.1.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "1d2a5585e04f9eea4b2a3d1eca508c4dee9592a89ef6f450c11719da0726f4db"
|
||||
checksum = "1cd99b45c6bc03a018c8b8a86025678c87e55526064e38f9df301989dce7ec0a"
|
||||
dependencies = [
|
||||
"libc",
|
||||
"zstd-sys",
|
||||
]
|
||||
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
[build]
|
||||
default-target = "x86_64-unknown-linux-gnu"
|
||||
env.passthrough = ["XDG_RUNTIME_DIR"]
|
||||
|
||||
[target.aarch64-unknown-linux-gnu]
|
||||
dockerfile = "cross/Dockerfile.gnu"
|
||||
|
|
|
@ -29,7 +29,7 @@ rbpf = { version = "0.2.0", optional = true }
|
|||
libbpf-sys = { version = "1.4.0", optional = true }
|
||||
errno = { version = "0.3.8", optional = true }
|
||||
libc = { version = "0.2.153", optional = true }
|
||||
thiserror = "1.0.58"
|
||||
thiserror = "1.0.59"
|
||||
tracing = { version = "0.1.40", features = ["attributes"] }
|
||||
|
||||
[dev-dependencies]
|
||||
|
@ -41,5 +41,5 @@ clap = "4.1.6"
|
|||
serde = { version = "1.0", features = ["derive"] }
|
||||
serde_json = "1.0"
|
||||
env_logger = "0.11"
|
||||
serial_test = "3.0.0"
|
||||
serial_test = "3.1.0"
|
||||
tempfile = "3"
|
||||
|
|
|
@ -26,4 +26,11 @@ pub trait SystemdClient {
|
|||
fn systemd_version(&self) -> Result<u32, SystemdClientError>;
|
||||
|
||||
fn control_cgroup_root(&self) -> Result<PathBuf, SystemdClientError>;
|
||||
|
||||
fn add_process_to_unit(
|
||||
&self,
|
||||
unit_name: &str,
|
||||
subcgroup: &str,
|
||||
pid: u32,
|
||||
) -> Result<(), SystemdClientError>;
|
||||
}
|
||||
|
|
|
@ -453,6 +453,10 @@ impl SystemdClient for DbusConnection {
|
|||
let cgroup_root = proxy.control_group()?;
|
||||
Ok(PathBuf::from(&cgroup_root))
|
||||
}
|
||||
fn add_process_to_unit(&self, unit_name: &str, subcgroup: &str, pid: u32) -> Result<()> {
|
||||
let proxy = self.create_proxy();
|
||||
proxy.attach_process(unit_name, subcgroup, pid)
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
|
|
|
@ -239,4 +239,11 @@ impl<'conn> Proxy<'conn> {
|
|||
v => panic!("control group expected string variant, got {:?} instead", v),
|
||||
}
|
||||
}
|
||||
pub fn attach_process(&self, name: &str, cgroup: &str, pid: u32) -> Result<()> {
|
||||
self.method_call::<_, ()>(
|
||||
"org.freedesktop.systemd1.Manager",
|
||||
"AttachProcessesToUnit",
|
||||
Some((name, cgroup, vec![pid])),
|
||||
)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -353,6 +353,12 @@ impl CgroupManager for Manager {
|
|||
if pid.as_raw() == -1 {
|
||||
return Ok(());
|
||||
}
|
||||
if self.client.transient_unit_exists(&self.unit_name) {
|
||||
tracing::debug!("Transient unit {:?} already exists", self.unit_name);
|
||||
self.client
|
||||
.add_process_to_unit(&self.unit_name, "", pid.as_raw() as u32)?;
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
tracing::debug!("Starting {:?}", self.unit_name);
|
||||
self.client.start_transient_unit(
|
||||
|
@ -430,8 +436,11 @@ mod tests {
|
|||
use anyhow::{Context, Result};
|
||||
|
||||
use super::*;
|
||||
use crate::systemd::dbus_native::{
|
||||
client::SystemdClient, serialize::Variant, utils::SystemdClientError,
|
||||
use crate::{
|
||||
common::DEFAULT_CGROUP_ROOT,
|
||||
systemd::dbus_native::{
|
||||
client::SystemdClient, serialize::Variant, utils::SystemdClientError,
|
||||
},
|
||||
};
|
||||
|
||||
struct TestSystemdClient {}
|
||||
|
@ -474,6 +483,15 @@ mod tests {
|
|||
fn control_cgroup_root(&self) -> Result<PathBuf, SystemdClientError> {
|
||||
Ok(PathBuf::from("/"))
|
||||
}
|
||||
|
||||
fn add_process_to_unit(
|
||||
&self,
|
||||
_unit_name: &str,
|
||||
_subcgroup: &str,
|
||||
_pid: u32,
|
||||
) -> Result<(), SystemdClientError> {
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -528,4 +546,36 @@ mod tests {
|
|||
|
||||
Ok(())
|
||||
}
|
||||
#[test]
|
||||
fn test_task_addition() {
|
||||
let manager = Manager::new(
|
||||
DEFAULT_CGROUP_ROOT.into(),
|
||||
":youki:test".into(),
|
||||
"youki_test_container".into(),
|
||||
false,
|
||||
)
|
||||
.unwrap();
|
||||
let mut p1 = std::process::Command::new("sleep")
|
||||
.arg("1s")
|
||||
.spawn()
|
||||
.unwrap();
|
||||
let p1_id = nix::unistd::Pid::from_raw(p1.id() as i32);
|
||||
let mut p2 = std::process::Command::new("sleep")
|
||||
.arg("1s")
|
||||
.spawn()
|
||||
.unwrap();
|
||||
let p2_id = nix::unistd::Pid::from_raw(p2.id() as i32);
|
||||
manager.add_task(p1_id).unwrap();
|
||||
manager.add_task(p2_id).unwrap();
|
||||
let all_pids = manager.get_all_pids().unwrap();
|
||||
assert!(all_pids.contains(&p1_id));
|
||||
assert!(all_pids.contains(&p2_id));
|
||||
// wait till both processes are finished so we can cleanup the cgroup
|
||||
let _ = p1.wait();
|
||||
let _ = p2.wait();
|
||||
manager.remove().unwrap();
|
||||
// the remove call above should remove the dir, we just do this again
|
||||
// for contingency, and thus ignore the result
|
||||
let _ = fs::remove_dir(&manager.full_path);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -151,6 +151,10 @@ impl CgroupManager for Manager {
|
|||
type Error = V2ManagerError;
|
||||
|
||||
fn add_task(&self, pid: Pid) -> Result<(), Self::Error> {
|
||||
if self.full_path.exists() {
|
||||
common::write_cgroup_file(self.full_path.join(CGROUP_PROCS), pid)?;
|
||||
return Ok(());
|
||||
}
|
||||
self.create_unified_cgroup(pid)?;
|
||||
Ok(())
|
||||
}
|
||||
|
|
|
@ -50,7 +50,7 @@ serde_json = "1.0"
|
|||
rust-criu = "0.4.0"
|
||||
protobuf = "= 3.2.0" # https://github.com/checkpoint-restore/rust-criu/issues/19
|
||||
regex = "1.10.4"
|
||||
thiserror = "1.0.58"
|
||||
thiserror = "1.0.59"
|
||||
tracing = { version = "0.1.40", features = ["attributes"] }
|
||||
safe-path = "0.1.0"
|
||||
nc = "0.8.20"
|
||||
|
@ -58,7 +58,7 @@ nc = "0.8.20"
|
|||
[dev-dependencies]
|
||||
oci-spec = { version = "~0.6.4", features = ["proptests", "runtime"] }
|
||||
quickcheck = "1"
|
||||
serial_test = "3.0.0"
|
||||
serial_test = "3.1.0"
|
||||
tempfile = "3"
|
||||
anyhow = "1.0"
|
||||
rand = { version = "0.8.5" }
|
||||
|
|
|
@ -47,7 +47,7 @@ pub struct YoukiConfig {
|
|||
}
|
||||
|
||||
impl<'a> YoukiConfig {
|
||||
pub fn from_spec(spec: &'a Spec, container_id: &str, new_user_ns: bool) -> Result<Self> {
|
||||
pub fn from_spec(spec: &'a Spec, container_id: &str) -> Result<Self> {
|
||||
Ok(YoukiConfig {
|
||||
hooks: spec.hooks().clone(),
|
||||
cgroup_path: utils::get_cgroup_path(
|
||||
|
@ -56,7 +56,6 @@ impl<'a> YoukiConfig {
|
|||
.ok_or(ConfigError::MissingLinux)?
|
||||
.cgroups_path(),
|
||||
container_id,
|
||||
new_user_ns,
|
||||
),
|
||||
})
|
||||
}
|
||||
|
@ -106,10 +105,13 @@ mod tests {
|
|||
fn test_config_from_spec() -> Result<()> {
|
||||
let container_id = "sample";
|
||||
let spec = Spec::default();
|
||||
let config = YoukiConfig::from_spec(&spec, container_id, false)?;
|
||||
let config = YoukiConfig::from_spec(&spec, container_id)?;
|
||||
assert_eq!(&config.hooks, spec.hooks());
|
||||
dbg!(&config.cgroup_path);
|
||||
assert_eq!(config.cgroup_path, PathBuf::from(container_id));
|
||||
assert_eq!(
|
||||
config.cgroup_path,
|
||||
PathBuf::from(format!(":youki:{container_id}"))
|
||||
);
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
@ -118,7 +120,7 @@ mod tests {
|
|||
let container_id = "sample";
|
||||
let tmp = tempfile::tempdir().expect("create temp dir");
|
||||
let spec = Spec::default();
|
||||
let config = YoukiConfig::from_spec(&spec, container_id, false)?;
|
||||
let config = YoukiConfig::from_spec(&spec, container_id)?;
|
||||
config.save(&tmp)?;
|
||||
let act = YoukiConfig::load(&tmp)?;
|
||||
assert_eq!(act, config);
|
||||
|
|
|
@ -68,11 +68,7 @@ impl ContainerBuilderImpl {
|
|||
|
||||
fn run_container(&mut self) -> Result<Pid, LibcontainerError> {
|
||||
let linux = self.spec.linux().as_ref().ok_or(MissingSpecError::Linux)?;
|
||||
let cgroups_path = utils::get_cgroup_path(
|
||||
linux.cgroups_path(),
|
||||
&self.container_id,
|
||||
self.user_ns_config.is_some(),
|
||||
);
|
||||
let cgroups_path = utils::get_cgroup_path(linux.cgroups_path(), &self.container_id);
|
||||
let cgroup_config = libcgroups::common::CgroupConfig {
|
||||
cgroup_path: cgroups_path,
|
||||
systemd_cgroup: self.use_systemd || self.user_ns_config.is_some(),
|
||||
|
@ -186,11 +182,7 @@ impl ContainerBuilderImpl {
|
|||
|
||||
fn cleanup_container(&self) -> Result<(), LibcontainerError> {
|
||||
let linux = self.spec.linux().as_ref().ok_or(MissingSpecError::Linux)?;
|
||||
let cgroups_path = utils::get_cgroup_path(
|
||||
linux.cgroups_path(),
|
||||
&self.container_id,
|
||||
self.user_ns_config.is_some(),
|
||||
);
|
||||
let cgroups_path = utils::get_cgroup_path(linux.cgroups_path(), &self.container_id);
|
||||
let cmanager =
|
||||
libcgroups::common::create_cgroup_manager(libcgroups::common::CgroupConfig {
|
||||
cgroup_path: cgroups_path,
|
||||
|
|
|
@ -332,8 +332,7 @@ mod tests {
|
|||
let tmp_dir = tempfile::tempdir().unwrap();
|
||||
use oci_spec::runtime::Spec;
|
||||
let spec = Spec::default();
|
||||
let config =
|
||||
YoukiConfig::from_spec(&spec, "123", false).context("convert spec to config")?;
|
||||
let config = YoukiConfig::from_spec(&spec, "123").context("convert spec to config")?;
|
||||
config.save(tmp_dir.path()).context("save config")?;
|
||||
|
||||
let container = Container {
|
||||
|
|
|
@ -88,7 +88,7 @@ impl InitContainerBuilder {
|
|||
|
||||
let user_ns_config = UserNamespaceConfig::new(&spec)?;
|
||||
|
||||
let config = YoukiConfig::from_spec(&spec, container.id(), user_ns_config.is_some())?;
|
||||
let config = YoukiConfig::from_spec(&spec, container.id())?;
|
||||
config.save(&container_dir).map_err(|err| {
|
||||
tracing::error!(?container_dir, "failed to save config: {}", err);
|
||||
err
|
||||
|
|
|
@ -327,9 +327,17 @@ impl TenantContainerBuilder {
|
|||
|
||||
let init_process = procfs::process::Process::new(container_pid.as_raw())?;
|
||||
let ns = self.get_namespaces(init_process.namespaces()?.0)?;
|
||||
let linux = LinuxBuilder::default().namespaces(ns).build()?;
|
||||
|
||||
// it should never be the case that linux is not present in spec
|
||||
let spec_linux = spec.linux().as_ref().unwrap();
|
||||
let mut linux_builder = LinuxBuilder::default().namespaces(ns);
|
||||
|
||||
if let Some(ref cgroup_path) = spec_linux.cgroups_path() {
|
||||
linux_builder = linux_builder.cgroups_path(cgroup_path.clone());
|
||||
}
|
||||
let linux = linux_builder.build()?;
|
||||
spec.set_process(Some(process)).set_linux(Some(linux));
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
|
|
@ -224,12 +224,25 @@ mod tests {
|
|||
#[serial]
|
||||
fn test_setup_console() {
|
||||
let init = setup();
|
||||
// duplicate the existing std* fds
|
||||
// we need to restore them later, and we cannot simply store them
|
||||
// as they themselves get modified in setup_console
|
||||
let old_stdin: RawFd = nix::unistd::dup(StdIO::Stdin.into()).unwrap();
|
||||
let old_stdout: RawFd = nix::unistd::dup(StdIO::Stdout.into()).unwrap();
|
||||
let old_stderr: RawFd = nix::unistd::dup(StdIO::Stderr.into()).unwrap();
|
||||
|
||||
assert!(init.is_ok());
|
||||
let (testdir, rundir_path, socket_path) = init.unwrap();
|
||||
let lis = UnixListener::bind(Path::join(testdir.path(), "console-socket"));
|
||||
assert!(lis.is_ok());
|
||||
let fd = setup_console_socket(&rundir_path, &socket_path, CONSOLE_SOCKET);
|
||||
let status = setup_console(&fd.unwrap());
|
||||
|
||||
// restore the original std* before doing final assert
|
||||
dup2(old_stdin, StdIO::Stdin.into()).unwrap();
|
||||
dup2(old_stdout, StdIO::Stdout.into()).unwrap();
|
||||
dup2(old_stderr, StdIO::Stderr.into()).unwrap();
|
||||
|
||||
assert!(status.is_ok());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -147,17 +147,10 @@ pub fn get_user_home(uid: u32) -> Option<PathBuf> {
|
|||
}
|
||||
|
||||
/// If None, it will generate a default path for cgroups.
|
||||
pub fn get_cgroup_path(
|
||||
cgroups_path: &Option<PathBuf>,
|
||||
container_id: &str,
|
||||
new_user_ns: bool,
|
||||
) -> PathBuf {
|
||||
pub fn get_cgroup_path(cgroups_path: &Option<PathBuf>, container_id: &str) -> PathBuf {
|
||||
match cgroups_path {
|
||||
Some(cpath) => cpath.clone(),
|
||||
None => match new_user_ns {
|
||||
false => PathBuf::from(container_id),
|
||||
true => PathBuf::from(format!(":youki:{container_id}")),
|
||||
},
|
||||
None => PathBuf::from(format!(":youki:{container_id}")),
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -323,11 +316,11 @@ mod tests {
|
|||
fn test_get_cgroup_path() {
|
||||
let cid = "sample_container_id";
|
||||
assert_eq!(
|
||||
get_cgroup_path(&None, cid, false),
|
||||
PathBuf::from("sample_container_id")
|
||||
get_cgroup_path(&None, cid),
|
||||
PathBuf::from(":youki:sample_container_id")
|
||||
);
|
||||
assert_eq!(
|
||||
get_cgroup_path(&Some(PathBuf::from("/youki")), cid, false),
|
||||
get_cgroup_path(&Some(PathBuf::from("/youki")), cid),
|
||||
PathBuf::from("/youki")
|
||||
);
|
||||
}
|
||||
|
|
|
@ -19,7 +19,7 @@ cgroupsv2_devices = ["libcgroups/cgroupsv2_devices", "libcontainer/cgroupsv2_dev
|
|||
|
||||
wasm-wasmer = ["wasmer", "wasmer-wasix"]
|
||||
wasm-wasmedge = ["wasmedge-sdk/standalone", "wasmedge-sdk/static"]
|
||||
wasm-wasmtime = ["wasmtime", "wasmtime-wasi"]
|
||||
wasm-wasmtime = ["wasmtime", "wasi-common"]
|
||||
|
||||
[dependencies.clap]
|
||||
version = "4.1.6"
|
||||
|
@ -44,14 +44,14 @@ caps = "0.5.5"
|
|||
wasmer = { version = "4.0.0", optional = true }
|
||||
wasmer-wasix = { version = "0.9.0", optional = true }
|
||||
wasmedge-sdk = { version = "0.13.2", optional = true }
|
||||
wasmtime = { version = "18.0.3", optional = true }
|
||||
wasmtime-wasi = { version = "18.0.3", optional = true }
|
||||
wasmtime = { version = "20.0.0", optional = true }
|
||||
wasi-common = { version = "20.0.0", optional = true }
|
||||
tracing = { version = "0.1.40", features = ["attributes"] }
|
||||
tracing-subscriber = { version = "0.3.18", features = ["json", "env-filter"] }
|
||||
tracing-journald = "0.3.0"
|
||||
|
||||
[dev-dependencies]
|
||||
serial_test = "3.0.0"
|
||||
serial_test = "3.1.0"
|
||||
tempfile = "3"
|
||||
scopeguard = "1.2.0"
|
||||
|
||||
|
|
|
@ -1,8 +1,276 @@
|
|||
//! Contains Functionality of `features` container command
|
||||
use anyhow::Result;
|
||||
use caps::{all, CapSet};
|
||||
use liboci_cli::Features;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::collections::HashMap;
|
||||
use std::path::Path;
|
||||
|
||||
pub const ANNOTATION_RUNC_VERSION: &str = "org.opencontainers.runc.version";
|
||||
pub const ANNOTATION_RUNC_COMMIT: &str = "org.opencontainers.runc.commit";
|
||||
pub const ANNOTATION_RUNC_CHECKPOINT_ENABLED: &str = "org.opencontainers.runc.checkpoint.enabled";
|
||||
pub const ANNOTATION_LIBSECCOMP_VERSION: &str = "io.github.seccomp.libseccomp.version";
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct HardFeatures {
|
||||
// Minimum OCI Runtime Spec version recognized by the runtime, e.g., "1.0.0".
|
||||
oci_version_min: Option<String>,
|
||||
// Maximum OCI Runtime Spec version recognized by the runtime, e.g., "1.0.2-dev".
|
||||
oci_version_max: Option<String>,
|
||||
// List of the recognized hook names, e.g., "createRuntime".
|
||||
hooks: Option<Vec<String>>,
|
||||
// List of the recognized mount options, e.g., "ro".
|
||||
mount_options: Option<Vec<String>>,
|
||||
// Specific to Linux.
|
||||
linux: Option<Linux>,
|
||||
// Contains implementation-specific annotation strings.
|
||||
annotations: Option<std::collections::HashMap<String, String>>,
|
||||
}
|
||||
|
||||
// Specific to Linux.
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct Linux {
|
||||
// List of the recognized namespaces, e.g., "mount".
|
||||
namespaces: Option<Vec<String>>,
|
||||
// List of the recognized capabilities, e.g., "CAP_SYS_ADMIN".
|
||||
capabilities: Option<Vec<String>>,
|
||||
cgroup: Option<Cgroup>,
|
||||
seccomp: Option<Seccomp>,
|
||||
apparmor: Option<Apparmor>,
|
||||
selinux: Option<Selinux>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
struct Seccomp {
|
||||
enabled: Option<bool>,
|
||||
actions: Option<Vec<String>>,
|
||||
operators: Option<Vec<String>>,
|
||||
archs: Option<Vec<String>>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
struct Apparmor {
|
||||
enabled: Option<bool>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
struct Selinux {
|
||||
enabled: Option<bool>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
struct Cgroup {
|
||||
v1: Option<bool>,
|
||||
v2: Option<bool>,
|
||||
systemd: Option<bool>,
|
||||
systemd_user: Option<bool>,
|
||||
}
|
||||
|
||||
// Function to query and return capabilities
|
||||
fn query_caps() -> Result<Vec<String>> {
|
||||
let mut available_caps = Vec::new();
|
||||
|
||||
for cap in all() {
|
||||
// Check if the capability is in the permitted set
|
||||
if caps::has_cap(None, CapSet::Permitted, cap).unwrap_or(false) {
|
||||
available_caps.push(format!("{:?}", cap));
|
||||
}
|
||||
}
|
||||
|
||||
Ok(available_caps)
|
||||
}
|
||||
|
||||
// Function to query and return namespaces
|
||||
fn query_supported_namespaces() -> Result<Vec<String>> {
|
||||
let mut supported_namespaces = Vec::new();
|
||||
|
||||
let ns_types = vec!["pid", "net", "uts", "ipc", "mnt", "user", "cgroup", "time"];
|
||||
|
||||
for ns in ns_types {
|
||||
let ns_path = format!("/proc/self/ns/{}", ns);
|
||||
if Path::new(&ns_path).exists() {
|
||||
supported_namespaces.push(ns.to_string());
|
||||
}
|
||||
}
|
||||
|
||||
Ok(supported_namespaces)
|
||||
}
|
||||
|
||||
/// lists all existing containers
|
||||
pub fn features(_: Features) -> Result<()> {
|
||||
// Query supported namespaces
|
||||
let namespaces = match query_supported_namespaces() {
|
||||
Ok(ns) => ns,
|
||||
Err(e) => {
|
||||
eprintln!("Error querying supported namespaces: {}", e);
|
||||
Vec::new()
|
||||
}
|
||||
};
|
||||
|
||||
// Query available capabilities
|
||||
let capabilities = match query_caps() {
|
||||
Ok(caps) => caps,
|
||||
Err(e) => {
|
||||
eprintln!("Error querying available capabilities: {}", e);
|
||||
Vec::new()
|
||||
}
|
||||
};
|
||||
|
||||
let features = HardFeatures {
|
||||
oci_version_min: Some(String::from("1.0.0")),
|
||||
oci_version_max: Some(String::from("1.0.2-dev")),
|
||||
hooks: Some(vec![
|
||||
String::from("prestart"),
|
||||
String::from("createRuntime"),
|
||||
String::from("createContainer"),
|
||||
String::from("startContainer"),
|
||||
String::from("poststart"),
|
||||
String::from("poststop"),
|
||||
]),
|
||||
mount_options: Some(vec![
|
||||
String::from("acl"),
|
||||
String::from("async"),
|
||||
String::from("atime"),
|
||||
String::from("bind"),
|
||||
String::from("defaults"),
|
||||
String::from("dev"),
|
||||
String::from("diratime"),
|
||||
String::from("dirsync"),
|
||||
String::from("exec"),
|
||||
String::from("iversion"),
|
||||
String::from("lazytime"),
|
||||
String::from("loud"),
|
||||
String::from("mand"),
|
||||
String::from("noacl"),
|
||||
String::from("noatime"),
|
||||
String::from("nodev"),
|
||||
String::from("nodiratime"),
|
||||
String::from("noexec"),
|
||||
String::from("noiversion"),
|
||||
String::from("nolazytime"),
|
||||
String::from("nomand"),
|
||||
String::from("norelatime"),
|
||||
String::from("nostrictatime"),
|
||||
String::from("nosuid"),
|
||||
String::from("nosymfollow"),
|
||||
String::from("private"),
|
||||
String::from("ratime"),
|
||||
String::from("rbind"),
|
||||
String::from("rdev"),
|
||||
String::from("rdiratime"),
|
||||
String::from("relatime"),
|
||||
String::from("remount"),
|
||||
String::from("rexec"),
|
||||
String::from("rnoatime"),
|
||||
String::from("rnodev"),
|
||||
String::from("rnodiratime"),
|
||||
String::from("rnoexec"),
|
||||
String::from("rnorelatime"),
|
||||
String::from("rnostrictatime"),
|
||||
String::from("rnosuid"),
|
||||
String::from("rnosymfollow"),
|
||||
String::from("ro"),
|
||||
String::from("rprivate"),
|
||||
String::from("rrelatime"),
|
||||
String::from("rro"),
|
||||
String::from("rrw"),
|
||||
String::from("rshared"),
|
||||
String::from("rslave"),
|
||||
String::from("rstrictatime"),
|
||||
String::from("rsuid"),
|
||||
String::from("rsymfollow"),
|
||||
String::from("runbindable"),
|
||||
String::from("rw"),
|
||||
String::from("shared"),
|
||||
String::from("silent"),
|
||||
String::from("slave"),
|
||||
String::from("strictatime"),
|
||||
String::from("suid"),
|
||||
String::from("symfollow"),
|
||||
String::from("sync"),
|
||||
String::from("tmpcopyup"),
|
||||
String::from("unbindable"),
|
||||
]),
|
||||
linux: Some(Linux {
|
||||
namespaces: Some(namespaces),
|
||||
capabilities: Some(capabilities),
|
||||
cgroup: Some(Cgroup {
|
||||
v1: Some(true),
|
||||
v2: Some(true),
|
||||
systemd: Some(true),
|
||||
systemd_user: Some(true),
|
||||
}),
|
||||
seccomp: Some(Seccomp {
|
||||
enabled: Some(true),
|
||||
actions: Some(vec![
|
||||
String::from("SCMP_ACT_ALLOW"),
|
||||
String::from("SCMP_ACT_ERRNO"),
|
||||
String::from("SCMP_ACT_KILL"),
|
||||
String::from("SCMP_ACT_KILL_PROCESS"),
|
||||
String::from("SCMP_ACT_KILL_THREAD"),
|
||||
String::from("SCMP_ACT_LOG"),
|
||||
String::from("SCMP_ACT_NOTIFY"),
|
||||
String::from("SCMP_ACT_TRACE"),
|
||||
String::from("SCMP_ACT_TRAP"),
|
||||
]),
|
||||
operators: Some(vec![
|
||||
String::from("SCMP_CMP_EQ"),
|
||||
String::from("SCMP_CMP_GE"),
|
||||
String::from("SCMP_CMP_GT"),
|
||||
String::from("SCMP_CMP_LE"),
|
||||
String::from("SCMP_CMP_LT"),
|
||||
String::from("SCMP_CMP_MASKED_EQ"),
|
||||
String::from("SCMP_CMP_NE"),
|
||||
]),
|
||||
archs: Some(vec![
|
||||
String::from("SCMP_ARCH_AARCH64"),
|
||||
String::from("SCMP_ARCH_ARM"),
|
||||
String::from("SCMP_ARCH_MIPS"),
|
||||
String::from("SCMP_ARCH_MIPS64"),
|
||||
String::from("SCMP_ARCH_MIPS64N32"),
|
||||
String::from("SCMP_ARCH_MIPSEL"),
|
||||
String::from("SCMP_ARCH_MIPSEL64"),
|
||||
String::from("SCMP_ARCH_MIPSEL64N32"),
|
||||
String::from("SCMP_ARCH_PPC"),
|
||||
String::from("SCMP_ARCH_PPC64"),
|
||||
String::from("SCMP_ARCH_PPC64LE"),
|
||||
String::from("SCMP_ARCH_RISCV64"),
|
||||
String::from("SCMP_ARCH_S390"),
|
||||
String::from("SCMP_ARCH_S390X"),
|
||||
String::from("SCMP_ARCH_X32"),
|
||||
String::from("SCMP_ARCH_X86"),
|
||||
String::from("SCMP_ARCH_X86_64"),
|
||||
]),
|
||||
}),
|
||||
apparmor: Some(Apparmor {
|
||||
enabled: Some(true),
|
||||
}),
|
||||
selinux: Some(Selinux {
|
||||
enabled: Some(true),
|
||||
}),
|
||||
}),
|
||||
annotations: {
|
||||
let mut annotations_map = HashMap::new();
|
||||
annotations_map.insert(
|
||||
ANNOTATION_LIBSECCOMP_VERSION.to_string(),
|
||||
String::from("2.5.3"),
|
||||
);
|
||||
annotations_map.insert(
|
||||
ANNOTATION_RUNC_CHECKPOINT_ENABLED.to_string(),
|
||||
String::from("true"),
|
||||
);
|
||||
annotations_map.insert(
|
||||
ANNOTATION_RUNC_COMMIT.to_string(),
|
||||
String::from("v1.1.9-0-gccaecfc"),
|
||||
);
|
||||
annotations_map.insert(ANNOTATION_RUNC_VERSION.to_string(), String::from("1.1.9"));
|
||||
Some(annotations_map)
|
||||
},
|
||||
};
|
||||
|
||||
// Print out the created struct to verify
|
||||
let pretty_json_str = serde_json::to_string_pretty(&features)?;
|
||||
println!("{}", pretty_json_str);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
use libcontainer::oci_spec::runtime::Spec;
|
||||
use wasmtime::*;
|
||||
use wasmtime_wasi::WasiCtxBuilder;
|
||||
use wasi_common::sync::{add_to_linker, WasiCtxBuilder};
|
||||
use wasmtime::{Engine, Linker, Module, Store};
|
||||
|
||||
use libcontainer::workload::{Executor, ExecutorError, ExecutorValidationError, EMPTY};
|
||||
|
||||
|
@ -59,7 +59,7 @@ impl Executor for WasmtimeExecutor {
|
|||
})?;
|
||||
|
||||
let mut linker = Linker::new(&engine);
|
||||
wasmtime_wasi::add_to_linker(&mut linker, |s| s).map_err(|err| {
|
||||
add_to_linker(&mut linker, |s| s).map_err(|err| {
|
||||
tracing::error!(err = ?err, "cannot add wasi context to linker");
|
||||
ExecutorError::Other("cannot add wasi context to linker".to_string())
|
||||
})?;
|
||||
|
|
|
@ -13,3 +13,6 @@ RUN dpkg --add-architecture ${CROSS_DEB_ARCH} && \
|
|||
zlib1g-dev:${CROSS_DEB_ARCH} \
|
||||
# dependencies to build wasmedge-sys
|
||||
libzstd-dev:${CROSS_DEB_ARCH}
|
||||
|
||||
COPY hack/busctl.sh /bin/busctl
|
||||
RUN chmod +x /bin/busctl
|
||||
|
|
|
@ -22,6 +22,9 @@ ENV LIBSECCOMP_LIB_PATH="${CROSS_SYSROOT}/lib"
|
|||
ENV WASMEDGE_DEP_STDCXX_LINK_TYPE="static"
|
||||
ENV WASMEDGE_DEP_STDCXX_LIB_PATH="${CROSS_SYSROOT}/lib"
|
||||
|
||||
COPY hack/busctl.sh /bin/busctl
|
||||
RUN chmod +x /bin/busctl
|
||||
|
||||
# wasmedge-sys (through llvm) needs some symbols defined in libgcc
|
||||
RUN mkdir /.cargo && cat <<'EOF' > /.cargo/config.toml
|
||||
[target.'cfg(target_env = "musl")']
|
||||
|
|
|
@ -11,7 +11,7 @@ pub fn gen_validate(arc: &Arch) -> Vec<Instruction> {
|
|||
};
|
||||
|
||||
vec![
|
||||
Instruction::stmt(BPF_LD | BPF_W | BPF_ABS, SECCOMP_DATA_ARCH_OFFSET as u32),
|
||||
Instruction::stmt(BPF_LD | BPF_W | BPF_ABS, seccomp_data_arch_offset() as u32),
|
||||
Instruction::jump(BPF_JMP | BPF_JEQ | BPF_K, 1, 0, arch),
|
||||
Instruction::stmt(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
|
||||
]
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
use std::{mem::offset_of, os::raw::c_int};
|
||||
|
||||
// BPF Instruction classes.
|
||||
// See /usr/include/linux/bpf_common.h .
|
||||
// Load operation.
|
||||
|
@ -56,8 +58,51 @@ pub const AUDIT_ARCH_AARCH64: u32 = 183 | 0x8000_0000 | 0x4000_0000;
|
|||
// __u64 args[6];
|
||||
// };
|
||||
// ```
|
||||
pub const SECCOMP_DATA_ARCH_OFFSET: u8 = 4;
|
||||
pub const SECCOMP_DATA_ARGS_OFFSET: u8 = 16;
|
||||
pub const SECCOMP_DATA_ARG_SIZE: u8 = 8;
|
||||
|
||||
#[repr(C)]
|
||||
struct SeccompData {
|
||||
nr: c_int,
|
||||
arch: u32,
|
||||
instruction_pointer: u64,
|
||||
args: [u64; 6],
|
||||
}
|
||||
|
||||
pub const fn seccomp_data_arch_offset() -> u8 {
|
||||
offset_of!(SeccompData, arch) as u8
|
||||
}
|
||||
|
||||
pub const fn seccomp_data_arg_size() -> u8 {
|
||||
8
|
||||
}
|
||||
|
||||
pub const fn seccomp_data_args_offset() -> u8 {
|
||||
offset_of!(SeccompData, args) as u8
|
||||
}
|
||||
|
||||
pub const SECCOMP_IOC_MAGIC: u8 = b'!';
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
fn test_seccomp_data_arch_offset() {
|
||||
if cfg!(target_arch = "x86_64") {
|
||||
assert_eq!(seccomp_data_arch_offset(), 4);
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_seccomp_data_arg_size_offset() {
|
||||
if cfg!(target_arch = "x86_64") {
|
||||
assert_eq!(seccomp_data_arg_size_offset(), 8);
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_seccomp_data_args_offset() {
|
||||
if cfg!(target_arch = "x86_64") {
|
||||
assert_eq!(seccomp_data_args_offset(), 16);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/sh
|
||||
|
||||
# This hack script is the dummy busctl command used when running tests with cross containers.
|
||||
|
||||
# The issue is that we cannot run systemd or dbus inside the test container without a lot
|
||||
# of hacks. For one specific test - test_task_addition, we need to check that the task
|
||||
# addition via systemd manager works. We mount the host dbus socket in the test container, so
|
||||
# dbus calls work, but for the initial authentication, we use busctl which needs dbus and systemd
|
||||
# to be present and running. So instead of doing all that, we simply run the container with the
|
||||
# actual test running user's uid/gid and here we echo the only relevant line from busctl's
|
||||
# output, using id to get the uid. This is a hack, but less complex than actually setting up
|
||||
# and running the systemd+dbus inside the container.
|
||||
|
||||
echo "OwnerUID=$(id -u)"
|
|
@ -56,7 +56,11 @@ if [ "$CARGO" == "cross" ]; then
|
|||
|
||||
# mount run to have access to dbus socket.
|
||||
# mount /tmp so as shared for test_make_parent_mount_private
|
||||
export CROSS_CONTAINER_OPTS="--privileged -v/run:/run --mount=type=bind,source=/tmp,destination=/tmp,bind-propagation=shared"
|
||||
# Then there are few "hacks" specificallt for test_task_addition
|
||||
# run with user same as the invoking user, so that the dbus is connected with correct user
|
||||
# we want pid ns of host, because we will be connecting to the host dbus, and it needs task pid from host
|
||||
# finally we need to mount the cgroup as read-only, as we need that to check if the tasks are correctly added
|
||||
export CROSS_CONTAINER_OPTS="--privileged --user `id -u`:`id -g` --pid=host -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v/run:/run --mount=type=bind,source=/tmp,destination=/tmp,bind-propagation=shared"
|
||||
fi
|
||||
|
||||
if [ "$1" == "--print-target-dir" ]; then
|
||||
|
|
|
@ -10,9 +10,35 @@ podman rm --force --ignore create-test # remove if existing
|
|||
podman create --runtime $runtime --name create-test hello-world
|
||||
log=$(podman start -a create-test)
|
||||
echo $log | grep "This message shows that your installation appears to be working correctly"
|
||||
podman rm create-test
|
||||
podman rm --force --ignore create-test
|
||||
|
||||
rand=$(head -c 10 /dev/random | base64)
|
||||
|
||||
log=$(podman run --runtime $runtime fedora echo "$rand")
|
||||
echo $log | grep $rand
|
||||
echo $log | grep $rand
|
||||
|
||||
podman kill exec-test || true # ignore failure for killing
|
||||
podman rm --force --ignore exec-test
|
||||
podman run -d --runtime $runtime --name exec-test busybox sleep 10m
|
||||
|
||||
rand=$(head -c 10 /dev/random | base64)
|
||||
|
||||
log=$(podman exec --runtime $runtime exec-test echo "$rand")
|
||||
echo $log | grep $rand
|
||||
|
||||
CGROUP_SUB_PATH=$(podman inspect exec-test | jq .[0].State.CgroupPath | tr -d "\"")
|
||||
CGROUP_PATH="/sys/fs/cgroup$CGROUP_SUB_PATH/cgroup.procs"
|
||||
|
||||
# assert we have exactly one process in the cgroup
|
||||
test $(cat $CGROUP_PATH | wc -l) -eq 1
|
||||
# assert pid match
|
||||
test $(cat $CGROUP_PATH) -eq $(podman inspect exec-test | jq .[0].State.Pid)
|
||||
|
||||
podman exec -d --runtime $runtime exec-test sleep 5m
|
||||
|
||||
# we cannot exactly check the pid of tenant here, instead just check that there are
|
||||
# two processes in the same cgroup now
|
||||
test $(cat $CGROUP_PATH | wc -l) -eq 2
|
||||
|
||||
podman kill exec-test
|
||||
podman rm --force --ignore exec-test
|
||||
|
|
Loading…
Reference in New Issue